How to Install SpiderFoot on Ubuntu Linux

|

|

The tutorial guides students and new users on installing SpiderFoot, an open-source vulnerability tool for security assessments, on Ubuntu 20.04 and 18.04. It offers two variants, an open-source version and SpiderFoot HX for professionals. Installation involves Python, downloading the SpiderFoot package, and following the provided steps to run it. SpiderFoot also offers a web interface…

This brief tutorial shows students and new users how to install SpiderFoot on Ubuntu 20.04 | 18.04.

SpiderFoot is an open-source vulnerability tool for threat intelligence, asset discovery, attack surface monitoring, or security assessments.

SpiderFoot comes in two flavors: The open-source version and SpiderFoot HX for professionals looking for lot more features that are not available in the open-source version.

With the open-source version, most of the modules from SpiderFoot HX are available, but the ability to navigate, visualize, monitor, and investigate is not available. You’ll be able to export the data from SpiderFoot in CSV, JSON, or GEXF and work with the data in other tools.

For more about SpiderFoot, visit its homepage.

To get started with installing SpiderFoot on Ubuntu, follow the steps below:

Install Python

SpiderFoot is written in Python and is required to be installed on the host machine. To get Python on Ubuntu, run the commands below:

sudo apt update
sudo apt install python3 python3-pip

After the above packages are installed, go and download the SpiderFoot package.

Install SpiderFoot

Run the commands below to download SpiderFoot version 3.3 from GitHub.

cd ~
wget https://github.com/smicallef/spiderfoot/archive/v3.3.tar.gz

This will download in your home directory. Once downloaded, run the commands below to extract the downloaded archived.

The next commands change into the extracted folder and install all requirements to run SpiderFoot.

tar -xvzf v3.3.tar.gz
cd spiderfoot-3.3
pip3 install -r requirements.txt

After running the commands above, SpiderFoot should be installed and ready to use.

SpiderFoot is shipped with a help file that contains options that can be used with the command. To invoke the help file, run the commands below:

python3 sf.py --help

The output of the help command option.

sage: sf.py [-h] [-d] [-l IP:port] [-m mod1,mod2,.] [-M] [-s TARGET] [-t type1,type2,.] [-T]
             [-o tab|csv|json] [-H] [-n] [-r] [-S LENGTH] [-D DELIMITER] [-f] [-F type1,type2,.]
             [-x] [-q]

SpiderFoot 3.3: Open Source Intelligence Automation.

optional arguments:
  -h, --help          show this help message and exit
  -d, --debug         Enable debug output.
  -l IP:port          IP and port to listen on.
  -m mod1,mod2,.    Modules to enable.
  -M, --modules       List available modules.
  -s TARGET           Target for the scan.
  -t type1,type2,.  Event types to collect (modules selected automatically).
  -T, --types         List available event types.
  -o tab|csv|json     Output format. Tab is default. If using json, -q is enfor

SpiderFoot also has a web interface. Run the commands below and initial the web UI.

python3 sf.py -l localhost:5001

The output of the commands above:

2021-03-31 14:32:59,545 [INFO] Starting web server at localhost:5001 .
2021-03-31 14:32:59,582 [WARNING] 
********************************************************************
Warning: passwd file contains no passwords. Authentication disabled.
Please consider adding authentication to protect this instance!
Refer to https://www.spiderfoot.net/documentation/#security.
********************************************************************
*************************************************************
 Use SpiderFoot by starting your web browser of choice and 
 browse to http://localhost:5001/
*************************************************************

2021-03-31 14:32:59,675 [INFO] [31/Mar/2021:14:32:59] ENGINE Listening for SIGTERM.
2021-03-31 14:32:59,675 [INFO] [31/Mar/2021:14:32:59] ENGINE Listening for SIGHUP.
2021-03-31 14:32:59,675 [INFO] [31/Mar/2021:14:32:59] ENGINE Listening for SIGUSR1.
2021-03-31 14:32:59,676 [INFO] [31/Mar/2021:14:32:59] ENGINE Bus STARTING

Now open your browser and browse to the server hostname or IP address followed by port 5001.

http://localhost:5001

By default, SpiderFoot can be accessed without authentication. If you wish to include a username and password, you run the commands below to add your username and password to the password file.

echo "admin:StrongPasswordHere" > passwd

That should allow you to authenticate with the username admin and password you type above.

That should do it!

Conclusion:

This post showed you how to install SpiderFoot’s open-source version on Ubuntu 20.04 | 18.04. If you find any error above, please use the comment form below to report.

Like this:



Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.